Financial Services: A Positive Shift in Cyber Security Posture

There is some promising news regarding the state of cyber security among financial services organizations.

As an industry, risk-averse financial services companies are investing more in cyber security, with a security spending increase of 14 percent. This heightened focus on security might explain why organizations working in financial services detected three percent fewer security incidents last year than in 2014 (PWC 2015).

It might help us also understand a finding of Verizon’s 2016 Data Breach Investigations Report that the financial sector’s ratio of security incidents to confirmed data breaches was only half. (Which is significantly lower than other industries, such as accommodation and retail at over 75 percent.)

Let’s be clear, however; attackers are still targeting financial services organizations. Web app attacks were the top breach pattern observed by Verizon in 2015, and it accounted for 82 percent of financial services organizations’ breaches (up from 31 percent from last year).

The second top breach pattern was Point-Of-Sale (POS) attacks, which have targeted some financial services companies like payment processors and card issuers.

But that’s not all. Additional research points to malicious actors’ continued effort to launch distributed denial-of-service (DDoS) attacks against financial services companies. The impact of a successful DDoS campaign is huge. One-fifth of financial service organizations lost more than one million dollars in hourly revenues as a result of successful DDoS attacks.

So, how are financial services organizations turning the tide against digital threats?

Confidence is an important ingredient to success in the fight against cyberwar. But overconfidence can blind people, lower their guard and hinder their success.

Unfortunately, overconfidence is more prevalent than you might think. Tripwire recently evaluated the confidence of IT professionals in all industries regarding the efficacy of seven key security controls that help to quickly detect a cyber-attack. It found that IT professionals in the financial services sector generally displayed high levels of confidence in their ability to detect breaches.

This confidence smacks against the fact that 60 percent of security personnel either did not know or only had a general idea of how long it would take to isolate or remove an unauthorized device from their organizations’ networks, and only 37 percent had automated tools to identify unauthorized configuration changes.

Nonetheless, another promising note for financial services companies is the new driver behind their security programs. In previous years, it was compliance. Now, avoiding data breaches has become the primary driver in 2015, with compliance falling to second (SANS 2015).

The reality is that compliance does not equal security. Compliance has good intentions for security, but the threat landscape is simply evolving too quickly – compliance alone just can’t keep up with it.

All the while, the financial services sector has been forward-leaning when it comes to cyber security collaboration. For instance, there is a forum called FS-ISAC that encourages collaboration in the industry on cyber security. A core value of that forum is the importance of threat intelligence sharing between organizations.

FS-ISAC gathers intelligence from a range of sources (including its members, security firms, etc.) and distills the threat information to become actionable intelligence. Its new Critical Infrastructure Notification System (CINS) allows the FS-ISAC to speed security alerts to multiple recipients around the globe near-simultaneously while providing for user authentication and delivery confirmation.

Here is a great example of the guidance you can get from FS-ISAC:

It’s worth checking out this organization!

The financial services sector has demonstrated some progress and increased its maturity on cyber security efforts. But it’s fair to say that financial services organizations will always be a target for cyber attacks. Given this predicament, it’s best for companies to be cautiously confident and never let their guard down.

See how a strategic partnership with Tripwire enabled this financial services company to deliver rapid platform and market innovations, while ensuring all-encompassing system integrity within a comprehensive security program: